Russia appears to carry out hack through system used by US aid agency


Hackers linked to Russia’s main intelligence agency surreptitiously seized an email system used by the State Department’s international aid agency to burrow into the computer networks of human rights groups and other organizations of the sort that have been critical of President Vladimir Putin, Microsoft Corp. disclosed Thursday.



The headquarters for the US Agency for International Development is seen in Washington. The state-backed Russian cyber spies behind the SolarWinds hacking campaign launched a targeted spear-phishing assault on US and foreign government agencies and think tanks using an email marketing account of the US Agency for International Development, Microsoft said late Thursday.


© J. David Ake

Discovery of the breach comes only three weeks before President Biden is scheduled to meet Putin in Geneva, and at a moment of increased tension between the two nations — in part because of a series of increasingly sophisticated cyberattacks emanating from Russia.


The newly disclosed attack was also particularly bold: By breaching the systems of a supplier used by the federal government, the hackers sent out genuine-looking emails to more than 3,000 accounts across more than 150 organizations that regularly receive communications from the United States Agency for International Development. Those emails went out as recently as this week, and Microsoft said it believes the attacks are ongoing.

The email was implanted with code that would give the hackers unlimited access to the computer systems of the recipients, from “stealing data to infecting other computers on a network,” Tom Burt, a Microsoft vice president, wrote Thursday night.

Last month, Biden announced a series of new sanctions on Russia and the expulsion of diplomats for a sophisticated hacking operation, called SolarWinds, that used novel methods to breach at least seven government agencies and hundreds of large US companies.

That attack went undetected by the US government for nine months, until it was discovered by a cybersecurity firm. In April, Biden said he could have responded far more strongly, but “chose to be proportionate” because he did not want “to kick off a…
